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Listing of the Claims 

1 . (Currently amended) A method comprising: 

(a) initiating a connection via a publicly accessible network from a wireless device, 
wherein 

the wireless device includes an unprovisioned virtual private network (VPN) 
program and an unprovisioned automatic content updating (ACU) program, and 

the ACU program is configured, upon provisioning, to communicate with one or 
more remotely-located devices on behalf of at least one additional program that is distinct from 
the ACU and VPN programs; 
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(b) {cj receiving, in the wireless device and using the connection, information for 
provisioning the ACU program; 

H H ij provisioning the ACU program based upon the information received in step 

(&).{£).; 

(d)Ce) receiving in the wireless device, via the publicly accessible network and using the 
provisioned ACU program, information for provisioning the VPN program; 

fe¥f) provisioning the VPN program based upon the information received in step Hl)(e); 

and 

tft fg) creating a secure communication link using the provisioned VPN program. 

2. (Currently amended) The method of claim 1, wherein the information received in step 
(b-Xc) comprises an ACU certificate corresponding to the wireless device and the information 
received in step ££ Ke) comprises a VPN certificate corresponding to the wireless device. 



3. (Currently amended) The method of claim 1, further comprising: 
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: .: :i : j determining whether an update to the VPN program is available; 
(Hill receiving the update; and 
&XO implementing the update. 

4. (Canceled) 

5. (Currently amended) The method of claim 1, further comprising: 

Hf-HLh) sending, prior to step (4)(e), a certificate enrollment request for forwarding to an 
external certification authority (CA). 

6. (Canceled) 

7. (Canceled) 

8. (Currently amended) The method of claim 1, further comprising: 

fgXli) determining whether an update is available for the at least one additional program; 

and 

f¥j(i) receiving an update for the at least one additional program. 

9. (Canceled) 

10. (Currently amended) The method of claim 1, further comprising: 

(gi(h) fetching, from one of the one or more remotely-located devices, content or content 
metadata applicable to the at least one additional program; and 

MO; Q storing, by the at least one additional program, the fetched content or content 
metadata. 
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1 1 . (Previously presented) The method of claim 1, wherein the ACU program communicates 
using a SyncML protocol. 

12. (Currently amended) The method of claim 1, further comprising: 

fg-Vhj storing, in a configuration record for the VPN program, an Internet Access Point 
(IAP) to be used when communicating with one of the one or more remotely-located devices on 
behalf of the VPN program. 

13. (Previously presented) The method of claim 1, wherein the ACU program communicates 
using a simple request-response protocol, and wherein a protocol transaction consists of a single 
request-response pair. 

14. (Currently amended) The method of claim 1, further comprising: 

fgr)(h) fetching, from one of the one or more remotely-located devices, content metadata 
applicable to the at least one additional program; 

comparing fetched metadata to locally stored metadata; and 

< HQ.) fetching new or updated content from the one of the one or more remotely-located 
devices based upon the comparison. 

15. (Currently amended) The method of claim 14, wherein the ACU program includes in 
fetch requests in steps s 1 and * - \ ■ content identifications (IDs) required by the one of the one 
or more remotely- located devices. 

16. (Currently amended) The method of claim 1, further comprising: 

fetching, from multiple databases in one of the one or more remotely-located 
devices, metadata about multiple types of content. 
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17. (Previously presented) The method of claim 1, wherein the ACU program transmits 
requests containing properties used by one of the one or more remotely-located devices to filter 
requests. 

18. (Previously presented) The method of claim 1, wherein messages generated by the ACU 
program and communicated to one of the one or more remotely-located devices include a 
message identifier, a target database identifier, and a security level. 

19. (Previously presented) The method of claim 18, wherein a first security level is required 
to receive configuration information for the VPN program and a second security level is required 
to receive another type of information. 

20. (Previously presented) The method of claim 18, wherein at least one message generated 
by the ACU program includes an element indicating that the at least one message is a last 
message relating to a specific task. 

21. (Previously presented) The method of claim 18, wherein the ACU program requests 
configuration information in a single message. 

22. (Canceled) 

23. (Currently amended) The method of claim 321, further comprising: 

(h) using the certificate stored in step (*->{fc). to validate subsequent responses from that 
remotely-located device. 

24. (Previously presented) The method of claim 23, wherein: 
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the certificate corresponding to the one of the one or more remotely-located 
devices is validated based on a hash calculated over an entire ACU message, except for a 
signature element of that ACU message, 

the hash is signed with a private key held by the one of the one or more remotely- 
located devices, and 

the certificate corresponding to the one of the one or more remotely-located 
devices is included in a first response from the one of the one or more remotely-located devices 
and is used by the wireless device to verify the signature and identify and authenticate a sender. 

25. (Currently amended) An apparatus comprising: 

a transceiver configured to provide a wireless interface to a publicly accessible network; 

and 

a processor configured to perform steps that include 

(a) initiating a connection via the publicly accessible network, wherein 

the apparatus includes an unprovisioned virtual private network (VPN) program 
and an unprovisioned automatic content updating (ACU) program, and 

the ACU program is configured, upon provisioning, to communicate with one or 
more remotely-located devices on behalf of at least one additional program that is distinct from 
the ACU and VPN programs, 
ll>LiK5oxiu.;^ 

o ^ v o - -ung includes requiring input of r\:- ; h ; ; - . 

; = :; : h ■■■ i:; 

fb)(c) receiving, using the connection, information for provisioning the ACU program, 
i ( v provisioning the ACU program based upon the information received in step rt> He], 
fs-?(c! receiving, via the publicly accessible network and using the provisioned ACU 
program, information for provisioning the VPN program, 
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: <:.L: provisioning the VPN program based upon the information received in step (4-Kc), 

and 

ff) (gi creating a secure communication link using the provisioned VPN program. 

26. (Currently amended) The apparatus of claim 25, wherein the information received in step 
(%-)£cj comprises an ACU certificate corresponding to the apparatus and information received in 
step (4){e) comprises a VPN certificate corresponding to the apparatus. 

27. (Currently amended) The apparatus of claim 25, wherein the processor is further 
configured to perform steps that include 

fg) (h) determining whether an update to the VPN program is available, 

receiving the update, and 
(00) implementing the update. 

28. (Canceled) 

29. (Currently amended) The apparatus of claim 25, wherein the processor is further 
configured to perform steps that include 

r^4ill) sending, prior to step f«-?{c?, a certificate enrollment request for forwarding to an 
external certification authority (CA). 

30. (Canceled) 

31. (Canceled) 

32. (Currently amended) The apparatus of claim 25, wherein the processor is further 
configured to perform steps that include 
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teiXh.) determining whether an update is available for the at least one additional program, 

and 

^-Kjj receiving an update for the at least one additional program. 

33. (Canceled) 

34. (Currently amended) The apparatus of claim 25, wherein the processor is further 
configured to perform steps that include 

fftiill fetching, from one of the one or more remotely-located devices, content or content 
metadata applicable to the at least one additional program, and 

(-H(ij storing, by the at least one additional program, the fetched content or content 
metadata. 

35. (Previously presented) The apparatus of claim 25, wherein the ACU program 
communicates using a SyncML protocol. 

36. (Currently amended) The apparatus of claim 25, wherein the processor is further 
configured to perform steps that include 

(g)i h ) storing, in a configuration record for the VPN program, an Internet Access Point 
(IAP) to be used when communicating with one of the one or more remotely-located devices on 
behalf of the VPN program. 

37. (Previously presented) The apparatus of claim 25, wherein the ACU program 
communicates using a simple request-response protocol, and wherein a protocol transaction 
consists of a single request-response pair. 



38. (Currently amended) The apparatus of claim 25, wherein the processor is further 
configured to perform steps that include 



Application Serial No. 10/609,011 

(Atty. Docket No. 004770.00133) 

: .: ;i i j fetching, from one of the one or more remotely-located devices, content metadata 
applicable to the at least one additional program, 

^Li). comparing fetched metadata to locally stored metadata, and 

j : fetching new or updated content from the one of the one or more remotely- located 
devices based upon the comparison. 

39. (Currently amended) The apparatus of claim 38, wherein the ACU program includes in 
fetch requests in steps i g-}(h s and content identifications (IDs) required by the one of the one 
or more remotely- located devices. 

40. (Currently amended) The apparatus of claim 25, wherein the processor is further 
configured to perform steps that include 

H ?{h_) fetching, from multiple databases in one of the one or more remotely- located 
devices, metadata about multiple types of content. 

41. (Previously presented) The apparatus of claim 25, wherein the ACU program transmits 
requests containing properties used by one of the one or more remotely-located devices to filter 
requests. 

42. (Previously presented) The apparatus of claim 25, wherein messages generated by the 
ACU program and communicated one of the one or more remotely-located devices include a 
message identifier, a target database identifier, and a security level. 

43. (Previously presented) The apparatus of claim 42, wherein a first security level is 
required to receive configuration information for the VPN program and a second security level is 
required to receive another type of information. 
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44. (Previously presented) The apparatus of claim 42, wherein at least one message 
generated by the ACU program includes an element indicating that the at least one message is a 
last message relating to a specific task. 

45. (Previously presented) The apparatus of claim 42, wherein the ACU program requests 
configuration information in a single message. 

46. (Canceled) 

47. (Currently amended) The apparatus of claim 4*05, wherein the processor is further 
configured to perform steps that include 

(h) using the certificate stored in step (g->£b) to validate subsequent responses from that 
remotely-located device. 

48. (Canceled) 

49. (Canceled) 

50. (Currently amended) The method of claim 491, wherein the multiple characters are a 
portion of an identifier for the certificate corresponding to one of the one or more remotely- 
located devices. 

51. (Canceled) 

52. (Currently amended) The apparatus of claim §4-25. wherein the multiple characters are a 
portion of an identifier for the certificate corresponding to one of the one or more remotely- 
located devices. 
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